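<?php

declare(strict_types=1);

// Session bootstrap: hardened session cookie, session start, and a CSRF token
// paired with its issue timestamp.
//
// Requires CSRF_TOKEN_TIMEOUT (seconds) to be defined before this file is
// included; on PHP 8 an undefined constant throws an Error at the comparison
// below instead of silently degrading.

// Cookie attributes must be set before session_start(); they have no effect
// on a cookie that has already been sent.
session_set_cookie_params([
    'lifetime' => 86400,    // 24 hours
    'path' => '/',
    'secure' => true,       // only transmitted over HTTPS
    'httponly' => true,     // not readable from JavaScript
    // 'Strict' also withholds the cookie on top-level navigations arriving
    // from other sites (e.g. a link in an e-mail); switch to 'Lax' only if
    // that flow must land in an authenticated session.
    'samesite' => 'Strict',
]);

// Guard against a second include emitting a "session already started" notice.
if (session_status() === PHP_SESSION_NONE) {
    session_start();
}

// Issue a fresh CSRF token when one is missing, when it has no recorded issue
// time, or when it has outlived CSRF_TOKEN_TIMEOUT. Token and timestamp are
// always written together, so the expiry check is never evaluated against a
// token that was stored without a timestamp (which previously caused an
// unconditional second regeneration on the same request).
if (empty($_SESSION['csrf_token'])
    || !isset($_SESSION['csrf_token_time'])
    || time() - $_SESSION['csrf_token_time'] > CSRF_TOKEN_TIMEOUT
) {
    // 32 CSPRNG bytes -> 64 hex characters. random_bytes() throws when no
    // secure entropy source is available rather than returning a weak value,
    // so a failure here surfaces as an exception instead of a guessable token.
    $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    $_SESSION['csrf_token_time'] = time();
}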